You belong to the top echelon of talent in your field. At one of the world's most iconic financial institutions, where infrastructure is of paramount importance, you can play a pivotal role.

Job responsibilities

• Own the end‑to‑end risk lifecycle across business and technology, including identification, assessment, prioritization, mitigation, monitoring, and reporting
• Lead product, change, vendor, and technology risk assessments, defining control requirements and residual risk
• Translate regulations and policies into practical, auditable controls and operating procedures, and execute enterprise and operational risk frameworks
• Build and maintain risk registers, KRIs/KPIs, and dashboards; escalate material risks with clear remediation plans and timelines
• Drive issue management and remediation, verifying sustainable control design and effectiveness
• Champion governance through risk committees, change forums, and control councils; prepare materials and present risk posture
• Conduct scenario analysis and stress testing and facilitate tabletop exercises to inform capital, contingency, resilience, and incident response plans
• Manage third‑party and outsourcing risk via due diligence, ongoing monitoring, and exit planning
• Partner with Cyber, Technology, and Operations to reduce operational, cyber, data, and resilience risks and to assess change risk pre‑ and post‑implementation
• Perform root‑cause analysis on incidents and near misses; implement corrective and preventive actions and automate monitoring where possible
• Coordinate audits, exams, and regulatory responses while maintaining accurate documentation and ensuring timely, sustainable closure of findings

Required qualifications, capabilities, and skills

• Formal training or certification on infrastructure disciplines concepts and 3+ years applied experience

• Hands on experience in risk management, internal audit, compliance, or technology/cyber risk within financial services
• Apply deep knowledge of risk frameworks and regulations such as COSO, ISO 31000, NIST CSF, SOC, PCI, SOX, and OCC/FRB/SEC guidance
• Build KRIs, dashboards, and executive reporting using Excel and PowerPoint; leverage data tools such as SQL and Tableau/Power BI
• Quantify risk and articulate trade‑offs with analytical rigor and sound judgment
• Influence stakeholders constructively, balancing effective challenge with partnership
• Deliver programs and drive issue closure with clear owners, milestones, and metrics
• Communicate succinctly with executive‑ready storytelling and documentation
• Adapt to fast‑paced, highly regulated environments
• Pursue continuous learning in risk management and technology

Preferred qualifications, capabilities, and skills

• Earn or maintain professional certifications such as CRISC, CISA, CISSP, CIA, FRM, or PMP
• Script in Python or similar languages to automate controls, monitoring, and analysis
• Operate across multiple public and private cloud environments and support migrations
• Apply and expand infrastructure engineering expertise across hardware, networking, databases, storage, deployment, integration, automation, scaling, resilience, and performance